13 März 2018 18:32:57

We’re pleased to announce that ACMEv2 and wildcard certificate support is live! With today’s new features we’re continuing to break down barriers for HTTPS adoption across the Web by making it even easier for every website to get and manage certificates.

Wildcard certificates allow you to secure all subdomains of a domain with a single certificate. Wildcard certificates can make certificate management easier in some cases, and we want to address those cases in order to help get the Web to 100% HTTPS. We still recommend non-wildcard certificates for most use cases.

Wildcard certificates are only available via ACMEv2. In order to use ACMEv2 for wildcard or non-wildcard certificates you’ll need a client that has been updated to support ACMEv2. It is our intent to transition all clients and subscribers to ACMEv2, though we have not set an end-of-life date for our ACMEv1 API yet. Additionally, wildcard domains must be validated using the DNS-01 challenge type. This means that you’ll need to modify DNS TXT records in order to demonstrate control over a domain for the purpose of obtaining a wildcard certificate.

The plan is to release midpoints Let's Encrypt 4 Domino v2 in the next few weeks, after we will have finished some final tests.

So yes - LE4D v2 will support wildcard certificates!

But you should have one already in mind. To use wildcard certificates - ACMEv2 will do the validation using a DNS-01 challenge. That will require to add a DNS TXT record to your public DNS zone. A fully automatic solution will not work with all used DNS servers.

But we will explain this in more detail, when we will release LE4D v2. Stay tuned

Note on data protection and data usage:
Please read our Notes on Data Protection before posting a comment here.
The following data is required to create a comment:
- Name
- Mail address
The name can also be a nickname/pseudonym and will be displayed here on this blog with your comment. The email address will be used for personal questions by me, Detlev Pöttgen, in the event that the content of your comment is unclear.
Neither your name nor your e-mail address will be used for any other purposes (like advertising) and will not be passed on to third parties.
Your comment including your transmitted contact data can be deleted at any time on your request. In this case please send an email to blog(a)poettgen(dot)eu